Corporations are rapidly deploying web-based applications to automate business processes and to facilitate real-time interaction with customers, business partners and employees. Highly vulnerable to malicious hackers, web applications provide an entry point through which sensitive data can be accessed and stolen. Given the vulnerability of web applications, establishing web application protection is critical for any enterprise that is exposing sensitive data or transaction systems over the Internet.
Firewalls can be an essential component in a corporate entity's network security plan. They represent a security enforcement point that separates a trusted network from another network. Firewalls determine which traffic should be allowed and which traffic should be disallowed based on a predetermined security policy. Firewalls may be implemented as application proxies or application gateways. An application proxy is an application program that runs on a firewall system between two networks and acts as an intermediary between a web client and a web server. When client requests are received at the firewall, the final server destination address is determined by the application proxy software. The application proxy translates the address, performs additional access control checking, and connects to the server on behalf of the client. An application proxy authenticates users and determines whether user requests are legitimate.
A firewall may have adaptive learning functionality to analyze traffic associated with a web server and develop rules for limiting access to the web server content or services. By analyzing a plurality of messages between users and a web server, patterns of behavior may be associated with particular sections of web pages or web server services. These patterns may be adapted in connection with existing rules or administrative decisions to create new rules for the firewall.
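The adaptive learning described above can be sketched as follows. This is an added example, not code from the original document: it learns per-path rules (allowed methods, parameter names, value class and maximum length) from observed requests and then checks new requests against them. The sample traffic, the function names and the `slack` length margin (standing in for an administrative decision) are assumptions made for illustration.

```python
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Constructed sample traffic (method, URL) standing in for observed messages.
TRAINING = [
    ("GET", "/account/view?id=1042"),
    ("GET", "/account/view?id=77"),
    ("GET", "/search?q=blue+widgets&page=2"),
    ("GET", "/search?q=firewall&page=11"),
    ("POST", "/account/update?id=1042"),
]

def classify(value):
    """Coarse value class used as the learned pattern for a parameter."""
    return "digits" if value.isdigit() else "text"

def learn_rules(traffic, slack=2):
    """Build per-path rules: allowed methods, per-parameter class and max length."""
    rules = defaultdict(lambda: {"methods": set(), "params": {}})
    for method, url in traffic:
        parts = urlsplit(url)
        rule = rules[parts.path]
        rule["methods"].add(method)
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            cls, maxlen = rule["params"].get(name, (classify(value), 0))
            if cls != classify(value):
                cls = "text"  # widen the class when observations disagree
            rule["params"][name] = (cls, max(maxlen, len(value) * slack))
    return dict(rules)

def check(rules, method, url):
    """Return the rule violations for one request (an empty list means allow)."""
    parts = urlsplit(url)
    rule = rules.get(parts.path)
    if rule is None:
        return ["unknown path"]
    problems = []
    if method not in rule["methods"]:
        problems.append("method " + method)
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name not in rule["params"]:
            problems.append("unexpected parameter " + name)
            continue
        cls, maxlen = rule["params"][name]
        if cls == "digits" and not value.isdigit():
            problems.append("parameter " + name + " not digits")
        if len(value) > maxlen:
            problems.append("parameter " + name + " too long")
    return problems

RULES = learn_rules(TRAINING)
```

Rules learned this way only reflect the traffic seen during training, so in practice they are reviewed or merged with existing rules before being enforced.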